This module is specific to Shibboleth authentication in koha and relies heavily upon the native shibboleth service provider package in your operating system.

121

122

=head1 CONFIGURATION

123

124

To use this type of authentication these additional packages are required:

125

126

=over

127

128

=item *

129

130

libapache2-mod-shib2

131

132

=item *

133

134

libshibsp5:amd64

135

136

=item *

137

138

shibboleth-sp2-schemas

139

140

=back

141

142

We let the native shibboleth service provider packages handle all the complexities of shibboleth negotiation for use and configuring this is beyond the scope of this documentation; But to sum up, you will need to:

143

144

=over

145

146

=item 1.

147

148

Create some metadata for your koha instance (if you're in a single instance setup then the default metadata available at https://youraddress.com/Shibboleth.sso/Metadata should be adequate)

149

150

=item 2.

151

152

Swap metadata with your Identidy Provider (IdP)

153

154

=item 3.

155

156

Map their attributes to what you want to see in koha

157

158

=item 4.

159

160

Tell apache that we wish to allow koha to authenticate via shibboleth; This is as simple as adding the below to your virtualhost config:

161

162

=begin text

163

164

<Location />

165

AuthType shibboleth

166

Require shibboleth

167

</Location>

168

169

=end text

170

171

=item 5.

172

173

Configure koha to listen for shibboleth environment variables; To do this we add <useshibboleth>1</useshibboleth> for the koha-conf.xml file